This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Global Industry Committee

From OWASP
Revision as of 16:35, 3 July 2009 by Clerkendweller (talk | contribs) (Work in Progress: Created link to new SAFECode sub-page)

Jump to: navigation, search

The Global Industry Committee was created during the OWASP EU Summit in Portugal. The primary purpose of the Global Industry Committee is to work with industry executives to gather requirements from industry, work with Membership, Projects and others.

Mission Statement

To expand awareness of and promote the inclusion of software security best practices in Industry, Government, Academia and regulatory agencies and be a voice for industry. We will accomplish this through outreach; including presentations, development of position papers and collaborative efforts with other entities. Powerpoint of Accomplishments


Committee Plan

DRAFT PLAN

Step 1: Identify specific organizations worth working with to spread the OWASP gospel

Step 2: Prioritize the proposed liasons based on potential impact, and also realistic likelihood of the organization actively working with us

Step 3: Execute, leveraging global OWASP resources as much as possible to maximize impact

Step 4: Evaluate progress & repeat Step 1-3

Committee Members

Board Member Rep: Tom Brennan

Committee Members:

OWASP Employees:

  • Alison
  • Kate Hartman

Getting Involved

Mailing List

Join our mailing list

Meetings

The next Global Industry Committee meeting will be:

  • TBC (Conference Bridge: 1-866-534-4754)

Host Code: check calendar invite

Guest Code: 192341


Previous meeting minutes are:

Membership

Membership explains how to become an OWASP organization supporter or individual member.

You don't have to be an OWASP Member or Committee Member to contribute - the current committee members joined for a 12 month term - see How to Join a Committee and Global Committee Pages.


Current Activity

Work in Progress

The current activities being undertaken:

Task Deadline Type Status Description Who
SAFECode Secure Development Practices (update to Oct 2008 version) 31 Jul 2009 Standards In Progress Response to SAFECode "Fundamental Practices for Secure Software Development: A Guide to the Most Effective Secure Development Practices in Use Today." CW
OWASP CSA Project 8 Jul 2009 Standards In Progress Response to RFC Security Guidance for Critical Areas of Focus in Cloud Computing, April 2009, Cloud Security Alliance (CSA) in conjunction with Projects Committee - see project page TB

Completed Items

Task Completed Type Status Description Who
Scotland 25 Jun 2009 Outreach Closed Presentation about the Global Industry Committee, its role and recent activities (presentation slides File:Owasp-scotland-industry-committee-june-2009.ppt and written notes File:Owasp-scotland-industry-committee-june-2009-notes.pdf) CW
OWASP Presentation at CFP Con 2009 1 June 2009 Outreach Closed Deliver presentation on web threats and countermeasures. See CFP tutorial page grep OWASP for more info. DC
ENISA Who-Is-Who Directory - Outreach Closed Contact ENISA regarding OWASP inclusion in directory (in progress). Encourage European chapter leaders to contact their ENISA liaison officers (completed). Contact UK liaison officer on behalf of London, Leeds and Scotland chapters. CW
IIL Insurance Institute of London 2 Jun 2009 Outreach Closed Contact IIL regarding future input to their publication Insurance Aspects of E-Commerce CW
Draft NIST SP 800-118 29 May 2009 Standards Closed Provide response to "Draft NIST Special Publication 800-118 Guide to Enterprise Password Management" CW/EK/RB/DC
Outreach Presentation to Frontier Airlines 7 May 2009 Outreach Closed Provide outreach presentation covering fundamentals of AppSec and Intro to OWASP DC
DPC BS 10012 31 Mar 2009 Standards Closed Provide response to "BS 10012 Specification for the management of personal information in compliance with the Data Protection Act 1998" Draft for Public Comment (DPC) CW
Draft NIST SP 800-53 Revision 3 27 Mar 2009 Standards Closed Provide response to "Draft NIST Special Publication 800-53 (Revision 3) Recommended Security Controls for Federal Information Systems and Organizations" RB
Draft NIST SP 800-122 13 Mar 2009 Standards Closed Provide response to "Draft NIST Special Publication 800-122 Guide to Protecting the Confidentiality of Personally Identifiable Information (PII)" CW
London 12 Mar 2009 Outreach Closed Presentation about the Global Industry Committee, its role and recent activities (presentation slides File:Owasp-london-industry-committee-march-2009.ppt and written notes File:Owasp-london-industry-committee-march-2009-notes.pdf) CW
Digital Britain Interim Report 11 Mar 2009 Legislation Closed Provide response to UK Government's "Digital Britain Interim Report Jan 2009" CW
DPC BS 8878:2009 31 Jan 2009 Standards Closed Provide response to "BS 8878:2009 Web accessibility. Building accessible experiences for disabled people" Draft for Public Comment (DPC) Puneet/CW
AppSec Presentation Delivered to Infragard, Dec 2008 Dec 2008 Outreach Closed Infragard is a collaboration between the US FBI and maintainers of critical infrastructure. Presentation here. Email DC for full PPT with speaker notes DC

General Presentations and Reports

Summaries (for inclusion into other full OWASP presentations):


Other Global Committees